Avast community forum
Home
Help
Search
Login
Register
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
Unknown html malcode and CMS issue....
« previous
next »
Print
Pages: [
1
]
Go Down
Author
Topic: Unknown html malcode and CMS issue.... (Read 1932 times)
0 Members and 1 Guest are viewing this topic.
polonus
Avast Überevangelist
Probably Bot
Posts: 33897
malware fighter
Unknown html malcode and CMS issue....
«
on:
February 06, 2016, 08:39:40 PM »
See:
https://www.virustotal.com/en/url/585fad8a15cd1e3576455caa60d6b6a9f7acc8fbbd77c0562fdcfaa316068345/analysis/1454786415/
11 malicious files in wp-content and wp-includes:
http://quttera.com/detailed_report/www.ecoplastcorp.com
Severity: Malicious
Reason: Detected encoded JavaScript code commonly used to hide malicious behaviour.
Details: Detected malicious JavaScript code
Detected libraries:
jquery-migrate - 1.2.1 : -http://www.ecoplastcorp.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1
Info: Severity: medium
http://bugs.jquery.com/ticket/11290
http://research.insecurelabs.org/jquery/test/
jquery - 1.11.3 : (active1) -http://www.ecoplastcorp.com/wp-includes/js/jquery/jquery.js?ver=1.11.3
(active) - the library was also found to be active by running code
1 vulnerable library detected
Known javascript malware in this code. Details:
http://labs.sucuri.net/db/malware/malware-entry-mwexploitkitblackhole1?v305
Script blockers will block this external link: -http://www.statcounter.com/ - sources and sinks:
http://www.domxssscanner.com/scan?url=http%3A%2F%2Fwww.statcounter.com%2Fcounter%2Fcounter.js
external link risk status:
http://toolbar.netcraft.com/site_report?url=http://pon.belayadama.info
Warning Directory Indexing Enabled
In the test we attempted to list the directory contents of the uploads and plugins folders to determine if Directory Indexing is enabled. This is an information leakage vulnerability that can reveal sensitive information regarding your site configuration or content.
/wp-content/uploads/ enabled
/wp-content/plugins/ disabled
Directory indexing was tested on the /wp-content/uploads/ and /wp-content/plugins/ directores. Note that other directories may have this web server feature enabled, so ensure you check other folders in your installation. It is good practice to ensure directory indexing is disabled for your full WordPress installation either through the web server configuration or .htaccess.
polonus
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
Secondmineboy
Avast Evangelist
Massive Poster
Posts: 3645
Re: Unknown html malcode and CMS issue....
«
Reply #1 on:
February 06, 2016, 08:51:33 PM »
Avast blocks 8 JS: IFrame infections inside the wp-content and wp-includes folder on every link you click
Logged
Windows 10 1909, 4 GB DDR3 RAM, 500 GB 5400 RPM HDD, 1366 by 768 LCD Screen, Intel Core i3 5010U Dual Core, Intel HD Graphics 5500
HUAWEI P30 Pro. Android 10
polonus
Avast Überevangelist
Probably Bot
Posts: 33897
malware fighter
Re: Unknown html malcode and CMS issue....
«
Reply #2 on:
February 06, 2016, 09:24:23 PM »
Good to know we are being protected here...
polonus
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
Print
Pages: [
1
]
Go Up
« previous
next »
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
Unknown html malcode and CMS issue....